<?php
if(!defined('IN_SITE')) exit('Access Denied');
$db->table="systemuser";
switch($do)
{
    case "auth":
        $username = strtolower(post('username'));
        $password = post('password');
        $code = post("code");
        if($code!=$_SESSION["validationcode"])
        {
            echo "CE";//Code Error 验证码错误
            exit;
        }
        $info = $db->SelectS("select id,password from systemuser where username='".$username."'",1);
        if(is_array($info)) {
            if($info["password"]==md5($password)) {
            	$db->query("update systemuser set lasttime=".time()." where username='".$username."'");
            	$_SESSION["___isadmin"] = $info['id'];
          		echo 'S';//Success 登录成功
                //msg("登录成功", "index.php?mod=message&act=manage&do=set");
            }
            else {
            	echo 'PE';//Password Error 密码错误
            }
        }
        else {
        	echo 'E';//Error 用户名或密码错误
        }
        exit;
    break;
    default:
        exit("<script language='javascript'>history.back();</script>");
    break;
}

?>